4275 matches found
Sourcefire November Vulnerability Report
Sourcefire VRT researcher Alain Zidouemba talks about Microsoft Patch Tuesday, the SSL renegotiation flaw and the iPhone worm...
iPhone Worm Circulating in the Wild
A simple, yet effective, worm is now circulating on some jailbroken iPhones, changing settings on the phones and terminating some services. The worm, which was discovered Sunday, doesn’t appear to be too malicious, but is an indicator of what might lie ahead for owners of iPhones and other...
iPhone SMS Used as Bait in Rogue AV Scam
Cyber-criminals are using interest in MMS or SMS on the iPhone to trick users into downloading rogue antivirus software. According to security company Websense, attackers are abusing Google’s search engine to get users to click on links leading to a malicious page pushing scareware. Read the full...
Apple iPhone Safari浏览器tel: URI处理拒绝服务漏洞
BUGTRAQ ID: 36386 CVE ID: CVE-2009-3271 iPhone是苹果发布的智能手机。 iPhone OS中内嵌的Safari浏览器在处理网页IFRAME元素SRC属性中的超长tel: URL时可能会崩溃。 Apple iPhone OS 3.0.1 厂商补丁: Apple ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.apple.com Apple Safari Iphone Crash using tel: Found by cloud :...
CVE-2009-3273
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate...
Design/Logic Flaw
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate...
CVE-2009-3271
Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service application crash via a long tel: URL in the SRC attribute of an IFRAME element...
CVE-2009-3271
Apple Safari on iPhone OS 3.0.1 is reported vulnerable to a remote denial-of-service via a long tel: URL in the SRC attribute of an IFRAME element. The underlying issue is the handling of oversized tel: URIs in IFRAME SRCs, which can cause the browser to crash. The CVE is CVE-2009-3271. Affected ...
CVE-2009-3273
CVE-2009-3273 affects iPhone Mail on Apple iPhone OS and iPhone OS for iPod touch. The issue is that these clients do not validate X.509 certificates, enabling a man-in-the-middle to spoof arbitrary SSL email servers with a crafted certificate. The NVD entry lists a base score of 7.5 (HIGH) with ...
CVE-2009-3273
iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate...
Apple Safari IPhone (using tel:) Remote Crash Exploit
No description provided by source. Apple Safari Iphone Crash using tel: Found by cloud : cloudatmadpowahdotorg http://blog.madpowah.org Tested on Iphone 3G, OS 3.0.1 Launch Safari, enter the page and after a few seconds Safari will crash and black screen will appear Exploit: ?php settimelimit0;...
iPhone Safari Crash Exploit
Apple Safari Iphone Crash using tel: Found by cloud : cloudatmadpowahdotorg http://blog.madpowah.org Tested on Iphone 3G, OS 3.0.1 Launch Safari, enter the page and after a few seconds Safari will crash and black screen will appear Exploit: '; ?...
[TKADV2009-007] Apple iPhone OS AudioCodecs Heap Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory: Apple iPhone OS AudioCodecs Heap Buffer Overflow Advisory ID: TKADV2009-007 Revision: 1.0 Release Date: 2009/09/09 Last Modified: 2009/09/09 Date Reported: 2009/04/05 Author: Tobias Klein tk at trapkit.de Affected Software: iPhone OS 1.0...
Apple iPhone buffer overflow
Buffer overflow in Audio Codecs on AAC and MP3 streams parsing...
Apple Safari IPhone (using tel:) Remote Crash Exploit
Exploit for hardware platform in category dos / poc ===================================================== Safari Apple iPhone using tel: Remote Crash Exploit ===================================================== Apple Safari Iphone Crash using tel Tested on Iphone 3G, OS 3.0.1 Launch Safari, ente...
Apple Safari IPhone - using tel: Remote Crash
Apple Safari Iphone Crash using tel: Found by cloud : cloudatmadpowahdotorg http://blog.madpowah.org Tested on Iphone 3G, OS 3.0.1 Launch Safari, enter the page and after a few seconds Safari will crash and black screen will appear Exploit: '; ? milw0rm.com 2009-09-14...
Apple Safari IPhone - using tel: Remote Crash
Apple Safari IPhone - using tel: Remote Crash Apple Safari Iphone Crash using tel: Found by cloud : cloudatmadpowahdotorg http://blog.madpowah.org Tested on Iphone 3G, OS 3.0.1 Launch Safari, enter the page and after a few seconds Safari will crash and black screen will appear Exploit: '; ?...
iPhone, QuickTime Bitten by Serious Security Bugs
Apple has released security patches to cover serious security vulnerabilities in its iPhone, iPod Touch and QuickTime products. The most serious of the vulnerabilities could lead to remote code execution attacks that give malicious hackers an easy way to hijack computers and mobile devices. Read...
Apple iPhone 3.1之前版本SMS消息NULL指针引用漏洞
Bugraq ID: 36336 CVE ID:CVE-2009-2815 iPhone是一款苹果公司发布的智能手机。 iPhone处理到知通告的SMS消息存在NULL指针应用错误,发送特殊构建的SMS消息可导致服务中断,造成拒绝服务攻击。 Apple iPhone 3.0.1 Apple iPhone 2.2.1 Apple iPhone 2.0.2 Apple iPhone 2.0.1 Apple iPhone 1.1.4 Apple iPhone 1.1.3 Apple iPhone 1.1.2 Apple iPhone 1.1.1 Apple iPhone 1.0.2 Apple...
CVE-2009-2206
Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted 1 AAC or 2 MP3 file, a...